Re: Regarding to disable some signature algorithm in client hello message

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 19/06/18 07:16, Devang Kubavat wrote:
> Hi,
> 
>  
> 
> I want to disable the SHA1 hash algorithm in Extension: signature
> algorithm client hello message.
> 
>  
> 
> I have used
> 
>       /* the signature algorithms list */
> 
>       constcharsignAlgo[] = "RSA+SHA256";
> 
>       (void)SSL_CTX_set1_client_sigalgs_list(ctx, signAlgo);
> 
>  
> 
> But, still client is setting all algorithms. Is there any other way to
> set signature algorithm to SSL_CTX or SSL ?


The function "SSL_CTX_set1_client_sigalgs_list()" is for setting
signature algorithms related to *client authentication*. This is not the
same as the sig algs sent in the ClientHello. For that you need to use
SSL_CTX_set1_sigalgs_list().

Matt
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux